3 several years following one particular of the most visible hacks in new historical past performed out in genuine-time in front of tens of millions of Twitter customers, one particular of the hackers liable for the breach will now provide time in federal prison.
Joseph James O’Connor, 24, was sentenced Friday in a New York federal court to five many years in jail after pleading guilty in May possibly to four counts of laptop or computer hacking, wire fraud and cyberstalking. O’Connor also agreed to forfeit at least $794,000 to the victims of his crimes.
O’Connor, a U.K. citizen, was extradited from Spain at the ask for of U.S. prosecutors earlier this year and has remained in custody considering the fact that.
In the hearing, Choose Jed S. Rakoff explained O’Connor will likely serve about half of his sentence immediately after spending additional than two yrs in pre-demo custody.
O’Connor faced a most of seventy seven yrs in jail, in accordance to Reuters. Justice Division prosecutors termed for O’Connor to serve at least seven a long time in jail.
In courtroom, O’Connor said his crimes ended up “stupid and pointless,” apologized to his victims, and asked the decide for leniency.
According to prosecutors, O’Connor “used his innovative technological skills for malicious needs — conducting a sophisticated SIM swap attack to steal massive quantities of cryptocurrency, hacking Twitter, conducting pc intrusions to take over social media accounts, and even cyberstalking two victims, together with a slight target.”
The government said O’Connor, identified by his online tackle PlugWalkJoe, was part of a team that broke into dozens of large-profile Twitter accounts, such as Apple, Binance, Monthly bill Gates, Joe Biden and Elon Musk, to unfold cryptocurrency get-rich-quick ripoffs in July 2020.
O’Connor utilised cell phone-based mostly social engineering methods to trick Twitter workforce into granting the team of hackers entry to Twitter’s network. A single of the other hackers convicted of the Twitter breach, Graham Ivan Clark, also identified as Kirk, made use of the access to Twitter’s community to abuse an inner admin instrument to hijack and reassign Twitter user accounts.
Twitter quickly blocked end users from publishing to the site as it grappled with the intrusion, as tens of millions of customers watched in genuine time as their timelines flooded with cryptocurrency frauds from some of the most recognizable names on the planet.
A subsequent investigation by New York’s Division of Financial Products and services, which accused Twitter of insufficient cybersecurity protections, discovered that the hackers broke in by “calling Twitter staff members and professing to be from Twitter’s IT section,” then hijacked the Twitter accounts of politicians, superstars, and business owners to tweet “double your bitcoin” cons.
The rip-off netted about $120,000, in accordance to public blockchain documents.
The breach prompted Twitter to increase its cybersecurity controls, introducing components protection keys for its staff to prevent foreseeable future phishing attempts.
Two years on from the hack, far more explosive allegations about the breach came to light-weight.
Peiter “Mudge” Zatko, who was hired as Twitter’s head of stability months following the breach, afterwards described the hackers’ accessibility as obtaining “god method,” which permitted them to imposter-tweet from any account they required. Zatko named the incident “the greatest hack of a social media platform in history” in a whistleblower criticism submitted with federal regulators in 2022, in which Zatko accused his former employer of cybersecurity failings.
Twitter automobile-replied with a poop emoji in response to an emailed ask for for remark, as it has performed given that a short time soon after Elon Musk obtained the enterprise.